Transformation Services Agreement - NSW Department of Education ...
Transformation Services Agreement - NSW Department of Education ...
Transformation Services Agreement - NSW Department of Education ...
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
22. Privacy<br />
(a)<br />
(b)<br />
(c)<br />
(d)<br />
(e)<br />
The Contractor must comply with the obligations set out in Schedule 12 and any<br />
Laws relating to privacy.<br />
The Contractor must immediately notify DEC when the Contractor becomes aware<br />
<strong>of</strong> or receives a complaint relating to a breach <strong>of</strong> this clause 22 by the Contractor or<br />
its Personnel.<br />
[Omitted.]<br />
[Omitted.]<br />
This clause 22 will survive the termination or expiry <strong>of</strong> this agreement for a period<br />
<strong>of</strong> six years.<br />
23. Information security<br />
23.1 No unauthorised access<br />
The Contractor will, to the extent the System and <strong>NSW</strong> Government Property are within its<br />
possession or control, take all reasonable steps to ensure that no unauthorised party:<br />
(a)<br />
(b)<br />
is allowed physical or electronic access to the System or <strong>NSW</strong> Government<br />
Property; and<br />
prevents the Solution from being available.<br />
This includes installing and maintaining adequate security features within the System.<br />
23.2 Safeguarding DEC Data<br />
(a)<br />
The Contractor will establish and maintain environmental, safety and facility<br />
procedures, data security procedures and other safeguards against the destruction,<br />
loss, unauthorised access or alteration <strong>of</strong> DEC Data in the possession <strong>of</strong> Contractor<br />
which are:<br />
(i)<br />
(ii)<br />
(iii)<br />
no less rigorous than those maintained by the Contractor for its own<br />
information <strong>of</strong> a similar nature;<br />
no less rigorous than accepted security standards in the industry,<br />
including those set forth in the Specifications; and<br />
adequate to meet the requirements <strong>of</strong> the DEC Policies.<br />
(b)<br />
(c)<br />
(d)<br />
Within 6 months following the Effective Date and as subsequently requested by<br />
DEC but no more frequently than once each year, the Contractor will evaluate the<br />
then-current DEC security policy and will prepare and submit for DEC review and<br />
approval recommendations with respect to changes or modifications to such policy.<br />
The Contractor may charge Time and Materials for work performed under this<br />
clause in excess <strong>of</strong> the first 4 days <strong>of</strong> work.<br />
The Contractor will maintain and enforce the then-current DEC security policy until<br />
any changes or modifications are approved by DEC for implementation.<br />
The Contractor will adhere to DEC Data policies and testing requirements in the<br />
Specifications.<br />
Legal\305532610.12 Commercial-in-confidence 27